Tuesday, March 20th 2018

CTS-Labs Releases Masterkey Exploit Proof-of-Concept Video

CTS-Labs, the cyber security research firm that claims to have unearthed severe security vulnerabilities in the AMD "Zen" CPU architecture, has posted its first proof-of-concept demo video. This video deals with the "Masterkey" class of exploits, specifically Masterkey-1. The Masterkey class accounts for 3 of the 13 vulnerabilities the firm discovered. As a quick refresher, Masterkey is an exploit of the Secure Boot feature: it gets around the feature's system integrity check on AMD "Zen" powered systems by using a specially programmed system BIOS. Any privileged program (even one running within Windows) can flash your system BIOS and get around Secure Boot on the following system reboot (or even brick your system by writing a non-bootable BIOS image). The BIOS can then tinker with the ring -3 (minus 3) software running on the Secure Processor, and survive reboots or OS re-installs. It would also be undetectable by traditional antivirus programs, which can't have ring -3 access while running on top of an operating system.

In the video, we're shown a somewhat step-by-step process of infecting a TYAN-made server motherboard with a modified BIOS that carries the Masterkey exploit. The demo BIOS by CTS, which contains ARM Cortex-A5-compatible code for the Secure Processor, makes the board flicker its status code between "1337" and "7331" during POST, then goes on to boot the OS as if nothing happened. Once you've reached that far, it can be made to do anything. CTS-Labs claims that it has more elaborate shellcode for the Secure Processor that probably does more insidious things, but it won't be showing that to the public in this video. The objective of this demo appears to be to establish a proof-of-concept.
The video follows.


CTS-Labs stated that it's currently filming similar proof-of-concept videos for each of the other exploits.

50 Comments on CTS-Labs Releases Masterkey Exploit Proof-of-Concept Video

#26
Chaitanya
the54thvoid: I cannot paraphrase the excellent Anandtech article but I would recommend you read it.

It involves a detailed phone conversation transcript and Anandtech's critique of the knowledge gleaned. It does not deny the exploit but it clearly finds CTS to be 'financially motivated'.

www.anandtech.com/show/12536/our-interesting-call-with-cts-labs
It's not just Anandtech, yesterday Gamersnexus also posted a video about CTS avoiding/diverting answering questions (video was deleted from my comment by moderator). This whole ordeal is becoming more and more fishy as time passes by.
Posted on Reply
#27
efikkan
Requiring local access to run the BIOS exploit makes it a local exploit. Most operating systems can control everything remotely.
If I log in to a server with pre-known credentials and shred its files, the shredding itself is not a remote exploit.
However, if I am able to do remote unauthenticated actions on a system, that's a remote exploit.

Being able to bypass BIOS signatures by itself is a local exploit which many would categorize as a secondary exploit. If confirmed, it's certainly serious, but nowhere near damning for AMD. But combine this with one or two other exploits, and you can execute an attack on a system.

Judging by the video, either the verification of BIOS signatures has to be defective, or the attacker is in possession of the signing key (assuming the video is genuine).
Proper BIOS verification would require correctly implemented public/private-key cryptography.
Posted on Reply
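As an added illustration of the check efikkan's comment describes (this is example code, not CTS-Labs', AMD's or any vendor's BIOS verifier): a constructed signed-image layout is verified against a public key pinned in the platform's root of trust. The image format (length header, body, Ed25519 signature) is an assumption for the demo, not a real UEFI capsule format; a genuine image verifies, while a modified body, a truncated image, or an image signed with a key other than the pinned one is rejected.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed layout for this example (assumption, not a real BIOS format):
// [4-byte big-endian body length][body][64-byte Ed25519 signature over length+body]
const sigLen = ed25519.SignatureSize

// SignImage builds a signed image from a raw firmware body with the vendor's private key.
func SignImage(priv ed25519.PrivateKey, body []byte) []byte {
	hdr := make([]byte, 4)
	binary.BigEndian.PutUint32(hdr, uint32(len(body)))
	signed := append(hdr, body...)
	return append(signed, ed25519.Sign(priv, signed)...)
}

// VerifyImage checks an image against the pinned platform public key and returns the
// body only if the signature is valid; any change to header, body or signature fails.
func VerifyImage(pub ed25519.PublicKey, img []byte) ([]byte, error) {
	if len(img) < 4+sigLen {
		return nil, errors.New("image too short")
	}
	n := int(binary.BigEndian.Uint32(img[:4]))
	if n != len(img)-4-sigLen {
		return nil, errors.New("length field does not match image size")
	}
	signed, sig := img[:4+n], img[4+n:]
	if !ed25519.Verify(pub, signed, sig) {
		return nil, errors.New("signature check failed: not signed by the trusted key")
	}
	return signed[4:], nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // vendor key pair (constructed)
	img := SignImage(priv, []byte("constructed firmware body"))
	_, err := VerifyImage(pub, img)
	fmt.Println("genuine image:", err)
	tampered := append([]byte(nil), img...)
	tampered[5] ^= 0x01 // one bit changed in the body, as a modified BIOS would be
	_, err = VerifyImage(pub, tampered)
	fmt.Println("modified image:", err)
}
```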
#28
Imsochobo
_JP_: So riddle me this:
This exploit can override Administrator/Supervisor passwords in the UEFI if set beforehand?
Usually, even from Windows, you need that in order to flash it. This seems that from the get-go, there will be no password, however I'm not finding this hurdle being mentioned as a potential mitigation for the MASTERKEY exploit too.
We've implemented a password on our computers because our INTEL computers are also viable to this hack.
That prevention again is easy to get around if you have the hardware in front of you, but each security step is just making it less attractive; it never prevents, as there will always be a security hole.
Posted on Reply
#29
Pure Wop
R-T-B: ...and more importantly, survive reinstalls undetected.

That's the crux of it.

Yes, this is more an enterprise targeted scenario than an end user one, but don't deny it is a problem. That makes you part of what? Certainly not the solution.
And? Can't Intel ME malware survive reinstalls? This should be as easily (or difficultly) fixed as Intel ME, and much harder to exploit. Yet this shady research seems to get more coverage than Intel ME.
Posted on Reply
#30
bug
the54thvoid: I cannot paraphrase the excellent Anandtech article but I would recommend you read it.

It involves a detailed phone conversation transcript and Anandtech's critique of the knowledge gleaned. It does not deny the exploit but it clearly finds CTS to be 'financially motivated'.

www.anandtech.com/show/12536/our-interesting-call-with-cts-labs
Not that argument again. Google pays hackers to find exploits in their browser. Does that make exploits less risky?
Posted on Reply
#31
tvamos
ssdpro: It doesn't appear anyone has profited from any short selling of any meaningful volume. AMD stock has been relatively unchanged over the last week at a lower than normal volume. It is definitely possible it was long term financially motivated. It reminds people AMD put recent products together on a shoestring budget and leaves people wondering if these vulnerabilities are real and how many vulnerabilities lie in waiting. Also, "financially motivated" sometimes signals discrediting or minimizing and it shouldn't. Every step a company makes is financially motivated. If you held to that theory AMD marketing would be minimized since it is "financially motivated". I remind everyone 7 days later AMD has only acknowledged these vulnerabilities and hasn't discredited or explained how low risk they are. That is way too long for a professional company to manage PR.
Remind us how many months Intel had before Spectre and Meltdown became public? And even then they had no response for how many days? Plus they even released a whole new gen of CPUs knowing they were vulnerable to Spectre and Meltdown.
Posted on Reply
#32
R-T-B
Pure Wop: And? Can't Intel ME malware survive reinstalls? This should be as easily (or difficultly) fixed as Intel ME, and much harder to exploit. Yet this shady research seems to get more coverage than Intel ME.
Personally, I think the reason it's getting more coverage is the user response. Love it or hate it users have been enthusiastically replying. There is no technical reason either one is worse... yet anyways.
Posted on Reply
#33
W1zzard
xorbe: On topic, I've long wondered why motherboards don't have a jumper to enable/disable firmware write. [Other than $$$ for a single jumper.]
This is no longer viable since modern BIOSes, in particular UEFI, use the BIOS flash to store some data.
Posted on Reply
#34
TheGuruStud
R-T-B: ...and more importantly, survive reinstalls undetected.

That's the crux of it.

Yes, this is more an enterprise targeted scenario than an enduser one, but don't deny it is a problem. That makes you part of what? Certainly not the solution.
You can definitely do this on Intel, too... it's a hit piece they won't give up.

Anyone defending this crap makes them a shill, whether they have the brains to know it or not.
Posted on Reply
#35
_JP_
xorbe: On topic, I've long wondered why motherboards don't have a jumper to enable/disable firmware write. [Other than $$$ for a single jumper.]
Well, UEFI needs to have a write state for Secure Boot stuff (and some other stuff). You do have software "locks" in the form of options to prevent flashing.
Imsochobo: We've implemented a password on our computers because our INTEL computers are also viable to this hack.
That prevention again is easy to get around if you have the hardware in front of you, but each security step is just making it less attractive; it never prevents, as there will always be a security hole.
Right, but considering this one, the hole seems to be only there if the hardware isn't secured with a password to begin with.
Posted on Reply
#36
ikeke
community.amd.com/community/amd-corporate/blog/2018/03/20/initial-amd-technical-assessment-of-cts-labs-research

www.anandtech.com/show/12556/amd-confirms-exploits-patched-in-weeks
The salient high-level takeaway from AMD is this:
  1. All the issues can be confirmed on related AMD hardware, but require Admin Access at the metal
  2. All the issues are set to be fixed within weeks, not months, through firmware patches and BIOS updates
  3. No performance impact expected
  4. None of these issues are Zen-specific, but relate to the PSP and ASMedia chipsets.
  5. These are not related to the GPZ exploits earlier this year.
Can we now, please, have big banners with FUD written on them?
Posted on Reply
#37
geon2k2
So what did they prove, that you can load a BIOS from remote with Admin?

You can do this on any PC and consequences can be just as bad as updating a firmware for the security processor.

blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/

Quote from the above:
"There is no immediate risk of exploitation of these vulnerabilities for most users. Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities. This level of effort is beyond the reach of most attackers (see www.usenix.org/system/files/1401_08-12_mickens.pdf, Figure 1) "
Posted on Reply
#38
R-T-B
ikeke: Can we now, please, have big banners with FUD written on them?
Did we do that with the Intel ME issues?

No? Then no, sorry.
geon2k2: So what did they prove, that you can load a BIOS from remote with Admin?

You can do this on any PC.
You aren't supposed to be able to replace ME and PSP BIOS areas. They are signed.

Seriously, quit fanboying out of the woodwork to defend AMD and call anything against it "FUD." This is rather sickening and I LIKE AMD.
Posted on Reply
#39
ikeke
I meant that figuratively.

An update to the article.

The FUD was FUD all along.
Posted on Reply
#40
bug
TheGuruStud: You can definitely do this on Intel, too... it's a hit piece they won't give up.

Anyone defending this crap makes them a shill, whether they have the brains to know it or not.
Fair enough.
What do we call those that dismiss this before other experts weigh in*? Clairvoyants maybe?

*A handful of them have and declared the vulnerabilities real.
Posted on Reply
#42
TheGuruStud
bug: Fair enough.
What do we call those that dismiss this before other experts weigh in*? Clairvoyants maybe?

*A handful of them have and declared the vulnerabilities real.
It can be dismissed, b/c it's NOT a serious threat. This should have been reported to AMD and ASMedia as per normal procedure and let them fix it. Instead, it was made into an opinion piece attacking AMD for market manipulation by idiots funded by an unknown source.
Posted on Reply
#43
bug
TheGuruStud: It can be dismissed, b/c it's NOT a serious threat. This should have been reported to AMD and ASMedia as per normal procedure and let them fix it. Instead, it was made into an opinion piece attacking AMD for market manipulation by idiots funded by an unknown source.
But what do you know? It's real: community.amd.com/community/amd-corporate/blog/2018/03/20/initial-amd-technical-assessment-of-cts-labs-research

It's true that they require admin access first (we already knew that), but the problem is they're a vector to installing further backdoors.
Problem reported, problem (soon to be) solved. I hope we can all move along now.
Posted on Reply
#44
ikeke
It's a threat, but the impact was incorrect and possible usage very limited. The assessment that fixing is impossible or will take a very long time didn't hold as well.

As such it's nothing but FUD based on how it was represented.

Vector for installing backdoors on systems where you have unsupervised access and OS is on baremetal and where you have admin and where BIOS flash is allowed. I can install a lot of backdoors on such system. No exploits needed, actually.
Posted on Reply
#45
bug
ikeke: It's a threat, but the impact was incorrect and possible usage very limited. The assessment that fixing is impossible or will take a very long time didn't hold as well.

As such it's nothing but FUD based on how it was represented.

Vector for installing backdoors on systems where you have unsupervised access and the OS is on bare metal and where you have admin and where BIOS flash is allowed. I can install a lot of backdoors on such a system. No exploits needed, actually.
At this point I'm not sure if you can't or won't understand why these issues are real. Not sev 1 real, but not something that could live on your system unpatched either.
Posted on Reply
#46
ikeke
Which part of "it's a threat" specifically did you find difficult to understand?
Posted on Reply
#47
bug
ikeke: Which part of "it's a threat" specifically did you find difficult to understand?
The part where you put "it's a threat" and "it's nothing but FUD" in the same post.

Edit: also, no BIOS flash needed, read the latest update on the original article.
Posted on Reply
#48
ikeke
The proof video posted today was about flashing a permanent back door...

edit: and again, now you missed the second part of what I said: "but the impact was incorrect and possible usage very limited. The assessment that fixing is impossible or will take a very long time didn't hold as well."
Posted on Reply